On 5/27/24 16:28, Jarkko Sakkinen wrote:
Public key blob is not just x and y concatenated. It follows RFC5480
section 2.2. Address this by re-documenting the function with the
correct description of the format.
Link: https://datatracker.ietf.org/doc/html/rfc5480
Fixes: 4e6602916bc6 ("crypto: ecdsa - Add support for ECDSA signature verification")
Signed-off-by: Jarkko Sakkinen <jarkko@xxxxxxxxxx>
Reviewed-by: Stefan Berger <stefanb@xxxxxxxxxxxxx>
---
It is a bug fix that does not really need a stable backport. Still
categorizes as a bug because by following the existing documentation
you end up with an error code.
crypto/ecdsa.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/crypto/ecdsa.c b/crypto/ecdsa.c
index 258fffbf623d..55114146ff84 100644
--- a/crypto/ecdsa.c
+++ b/crypto/ecdsa.c
@@ -215,9 +215,8 @@ static int ecdsa_ecc_ctx_reset(struct ecc_ctx *ctx)
}
/*
- * Set the public key given the raw uncompressed key data from an X509
- * certificate. The key data contain the concatenated X and Y coordinates of
- * the public key.
+ * Set the public ECC key as defined by RFC5480 section 2.2 "Subject Public
+ * Key". Only the uncompressed format is supported.
*/
static int ecdsa_set_pub_key(struct crypto_akcipher *tfm, const void *key, unsigned int keylen)
{